Aruba & ProVision-based
cancel
Showing results for 
Search instead for 
Did you mean: 

HP 2920 switch won't allow acess of servers to Internet

SOLVED
Go to solution
krhoover
Occasional Advisor

HP 2920 switch won't allow acess of servers to Internet

I am installing virtual machines at our location and have 2 stacked HP 2920 switches. I have all the network communicating, but I can't get the virtual servers to the Internet. Using ping and pathping, I think the problem lies in the switch configuration (attached).  The firewall is 10.10.0.3.

15 REPLIES
Macoyzki
Visitor

Re: HP 2920 switch won't allow acess of servers to Internet

Hi,

I think you missed the attachment. Please check if your gateway is the VLAN IP Address of the switch and it has route to your firewall.

krhoover
Occasional Advisor

Re: HP 2920 switch won't allow acess of servers to Internet

Sorry if I seem like a newbee on this one, but the VLANs have their on gateway internal to the switch. The switches IP is 10.10.0.1 and has a gateway which is the IP of the network firewall. The only thing I noticed was that the running config listed a "Primary" as VLAN 10, when the default VLAN is the IP address of the switch.  Is there a way (and should I) of changing this "Primary" to the default VLAN?

krhoover
Occasional Advisor

Re: HP 2920 switch won't allow acess of servers to Internet

Sorry, somehow the attachment did not make it. here is the running config.

Vince-Whirlwind
Honored Contributor

Re: HP 2920 switch won't allow acess of servers to Internet

Your switch looks fine.

Does your firewall have a route for 10.10.50.0/24?

krhoover
Occasional Advisor

Re: HP 2920 switch won't allow acess of servers to Internet

In the beginning, I went through a lot of headaches with the firewall. It is a Cisco ASA 5505 firewall. I have attached the running config for the firewall.

16again
Respected Contributor

Re: HP 2920 switch won't allow acess of servers to Internet

Vinces guess was on target, the ASA lacks proper route to inside networks:
Current config has:
route inside 10.0.0.0 255.0.0.0 ASA
This route should point to L3 switch instead :

route inside 10.0.0.0 255.0.0.0  10.10.0.1

krhoover
Occasional Advisor

Re: HP 2920 switch won't allow acess of servers to Internet

Thanks. I do have a question though (trying not to sound like a newbee), If I enter the command "route inside 10.0.0.0 255.255.0.0 10.10.0.1, will that change the current route or add another one?

Mike_ES
Valued Contributor

Re: HP 2920 switch won't allow acess of servers to Internet


krhoover wrote:

Thanks. I do have a question though (trying not to sound like a newbee), If I enter the command "route inside 10.0.0.0 255.255.0.0 10.10.0.1, will that change the current route or add another one?


This entry will add additional route on your ASA FW, even if next-hop is the same.

Michal

krhoover
Occasional Advisor

Re: HP 2920 switch won't allow acess of servers to Internet

OK, I entered the command but still cannot access the Internet for updates with the virtual machines.

Vince-Whirlwind
Honored Contributor

Re: HP 2920 switch won't allow acess of servers to Internet

Does your ASA have a NAT rule for 10.10.50.0?

krhoover
Occasional Advisor

Re: HP 2920 switch won't allow acess of servers to Internet

I am sorry, I am not understandinig the question. The virtual servers are 10.10.10.xx and are not in the 10.10.50.xx subnet. I have attached the current running config for the firewall.

krhoover
Occasional Advisor

Re: HP 2920 switch won't allow acess of servers to Internet

Also, I did a packet trace at the firewall from one of the virtual machines to an outside IP address and the results said the packet was dropped because the return path was not found.

16again
Respected Contributor

Re: HP 2920 switch won't allow acess of servers to Internet

Route below is still present in ASA, remove it.

route inside 10.0.0.0 255.0.0.0 ASA 1
krhoover
Occasional Advisor
Solution

Re: HP 2920 switch won't allow acess of servers to Internet

How do I do that? Is the command " no route inside 10.0.0.0 255.0.0.0 ASA 1" ?

 

 

krhoover
Occasional Advisor

Re: HP 2920 switch won't allow acess of servers to Internet

That worked!! Thank you all so much for the help!!